Insider

Get exclusive access to premium articles, product guides, reviews, how-tos, and more from CIO, CSO, Computerworld, InfoWorld, ITworld, and Network World - the best enterprise tech publications in the business. Learn more!

A lost businessman wanders amid conflicting directional signs through the fog.

8 biases that will kill your security program

CISOs and their security teams often hold cognitive biases that get in the way of making the right risk management and incident response decisions. Here are eight of the most common to avoid.

data analytics / risk assessment / tracking data or trends

Move over XDR, it's time for security observability, prioritization, and validation (SOPV)

Independent tools and data repositories are coming together for better threat management, impacting organizations, security professionals, and the industry. We need to take the same approach to security hygiene and posture management....

vulnerable breach cyberattack hacker

Securing CI/CD pipelines: 6 best practices

Criminals are exploiting vulnerabilities in continuous integration/continuous delivery pipelines to steal sensitive information, mine cryptocurrencies, and deliver malicious code.

Chaotic streams brought to binary order / holistic organization / taming data structure

How to choose a SIEM solution: 11 key features and considerations

Get a clear, consolidated view of events and threats across your entire enterprise with SIEM (security and event management). Here’s how to select the best SIEM solution based on your company’s unique assortment of needs.

Windows 11 PC devices

Windows 11's best security features

Windows 11 uses some of the best security features of Windows 10. The big difference is that many are now required.

Windows security and protection [Windows logo/locks]

How to check for Active Directory Certificate Services misconfigurations

Recently discovered Microsoft Windows AD CS configuration errors could give attackers account and domain control. Here's how to audit AD CS for vulnerable configurations.

Ransomware  >  An encrypted system, held ransom with lock + chain, displays a dollar sign.

How to control ransomware? International cooperation, disrupting payments are key, experts say

Anti-ransomware acts or regulations will require global cooperation, experts say. In the meantime, ransomware victims should cooperate quickly and fully with authorities.

typewriter are you ready prepare contingency disaster recovery

Tabletop exercises: Six sample scenarios

Tabletop exercises are a low-stress, high-impact way to test your plans for handling a crisis. Here are some tips for getting the most out of the process, plus six scenarios you can use to start your journey.

access control / authentication / privileges / security / key

How to test the impact of new Windows DCOM Server authentication

Microsoft has hardened authentication for its DCOM Server in response to a vulnerability. Check for the impact on your network now before the change becomes permanent.

CSO  >  Botnet  >  Robots amid a blue binary matrix

Botnet attacks on APIs: Why most companies are unprepared

The use of botnets to target applications for illegal and unethical purposes is growing, yet implementation of bot detection tools and best practices lags.

healthcare data breach / medical patient privacy security violation

5 biggest healthcare security threats for 2021

Healthcare organizations can expect ransomware, botnets, cloud misconfigurations, web application attacks, and phishing to be their top risks.

A hook is cast at laptop email with fishing lures amid abstract data.
Tip

4 steps to prevent spear phishing

Your users are in the crosshairs of the best attackers out there. Follow these steps to better protect them.

Tech Spotlight   >   Cloud [CSO]   >   Conceptual image of laptop users with cloud security overlay.

AWS, Google Cloud, and Azure: How their security features compare

Each cloud platform differs in the security tools and features it offers customers to help them protect their cloud assets.

Microsoft Windows security  >  Windows laptop + logo with binary lock and key

6 minimum security practices to implement before working on best practices

Every Windows network admin can improve their security posture by focusing on these six basic areas.

Social engineering / social media security / privacy breach / fraud

How cybercriminals turn ‘harmless’ stolen or leaked data into dollars

By merging data from multiple sources, cybercriminals can build profiles of hacked account owners to enable other attacks or increase the effectiveness of social engineering campaigns.

malware attack

6 most common types of software supply chain attacks explained

Not all software supply chain attacks are the same. Here are the methods attackers currently use to corrupt legitimate software through third parties.

vulnerable breach cyberattack hacker

How API attacks work, and how to identify and prevent them

Attackers know how to get around WAFs and API gateways when targeting APIs. Here's how some companies are coping with the rapid increase in API attacks.

Tech Spotlight   >   Cybersecurity [CSO]   >   Hands gesture in conversation

8 things CISOs should be thinking about, but probably aren't

CISOs need to cover all the security bases. The problem is, some of the bases are easy to overlook.

cloud security expert casb binary cloud computing cloud security by metamorworks getty 100803072 or

What cloud providers can and can't do to protect your data

Moving data to the cloud requires a sense of shared responsibility for security. Here's how cloud providers protect your data and what you still must do yourself.

SD-WAN  >  The concept of a visual transition from hardware cables to software code.

5 things CISOs want to hear about SASE at the RSA Conference

Organizations are planning for secure access service edge (SASE) but have questions on how to get from their current state to converged, cloud-delivered networking and security. They’ll be looking for answers at RSA.

Load More

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.